Hello @ujjwalDev - Why the conditional validation? Have you tried implementing a single <validate-jwt ...>
policy with multiple issuers and signing keys? But if you must, I believe you can associate your subscribers to distinct products in APIM and do something like this: https://stackoverflow.com/a/64475306/528779
Access Context Origin for conditional JWT validation
ujjwalDev
46
Reputation points
Hi,
I want to conditionally validate JWT depending on the origin (subscriber).
I have an api on APIM which needs to support OAUTH2 token from two IDPs.
If Origin is X, I want to validate the token against Identity provider X
Else validate against AAD using validate-jwt policy
Which context property would be best to do this conditional check.
Accepted answer
-
Mike Urnun 9,676 Reputation points Microsoft Employee
2021-04-11T23:07:01.003+00:00